General

  • Target

    2024-12-28_9c95701828ea760d22f26207df818d27_wannacry

  • Size

    5.0MB

  • Sample

    241228-qp6j2ayjd1

  • MD5

    9c95701828ea760d22f26207df818d27

  • SHA1

    dca9ae2be2731345728d4a6238538084a64b5383

  • SHA256

    96c70a0c0d4b0e86a9e359a53bd31a3ff30c77ac5aed43afab853d58f6e7a991

  • SHA512

    633015aa9efb37e78350c2da297b9e9269d9af188e371bc35b10550be018d463af2b67035b90b4744de1235010f4621055113651eedf0bd0e04a790faccd6d75

  • SSDEEP

    12288:GebLgPlu+QhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7zw+K+D0r452:XbLgddQhfdmMSirYbcMNgef0Br45

Targets

    • Target

      2024-12-28_9c95701828ea760d22f26207df818d27_wannacry

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Wannacry family

    • Contacts a large (3330) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
